Update 'README.md'
This commit is contained in:
62
README.md
62
README.md
@@ -1,5 +1,7 @@
|
|||||||
# List of useful tools and guides
|
# List of useful tools and guides
|
||||||
|
|
||||||
|
# Tools
|
||||||
|
|
||||||
## Cane
|
## Cane
|
||||||
|
|
||||||
- Computer Forensics Linux Live Distro
|
- Computer Forensics Linux Live Distro
|
||||||
@@ -41,7 +43,7 @@
|
|||||||
|
|
||||||
## Any run
|
## Any run
|
||||||
|
|
||||||
- Malware hunting with live access to the heart of the incident
|
- Malware hunting with live access to the heart of the incident
|
||||||
- Link: https://app.any.run/
|
- Link: https://app.any.run/
|
||||||
|
|
||||||
## Virus Total
|
## Virus Total
|
||||||
@@ -56,5 +58,59 @@
|
|||||||
|
|
||||||
## FTK Imager
|
## FTK Imager
|
||||||
|
|
||||||
- Any kind of the disk forencisc tool
|
- Any kind of the disk forencisc tool
|
||||||
- Link: https://accessdata.com/product-download-page#FTKImager
|
- Link: https://accessdata.com/product-download-page#FTKImager
|
||||||
|
|
||||||
|
## Catalyst
|
||||||
|
|
||||||
|
- SOAR and tciketing system to automate incident management
|
||||||
|
- Link: https://git.csec.ba/CSEC_PUBLIC/catalyst
|
||||||
|
|
||||||
|
## RTIR
|
||||||
|
|
||||||
|
- Request Tracker for Incident Response is incident managemet system for CSIRT teams.
|
||||||
|
- Link: https://bestpractical.com/rtir/
|
||||||
|
|
||||||
|
## Hayabusa
|
||||||
|
|
||||||
|
- Windows event log forencisc and threat activity hunting tool
|
||||||
|
- Link: https://git.csec.ba/CSEC_PUBLIC/hayabusa
|
||||||
|
|
||||||
|
## WELA
|
||||||
|
|
||||||
|
- Windows event log analyser tool who is creating data collections for easy search.
|
||||||
|
- Link: https://git.csec.ba/CSEC_PUBLIC/WELA
|
||||||
|
|
||||||
|
# Cheatsheets
|
||||||
|
|
||||||
|
- Security incident survey cheat sheet for server administrators
|
||||||
|
- Link: https://zero.bs/dontpanic/security-incident-survey-cheat-sheet.pdf
|
||||||
|
|
||||||
|
## Network DDOS incident response cheat sheet
|
||||||
|
|
||||||
|
- Link: https://zero.bs/dontpanic/ddos-incident-cheat-sheet.pdf
|
||||||
|
|
||||||
|
## Linux intrusion detection cheat sheet
|
||||||
|
|
||||||
|
- Link: https://zero.bs/dontpanic/linsacheatsheet.pdf
|
||||||
|
|
||||||
|
## Unix/Linux systems signs of compromise
|
||||||
|
|
||||||
|
- Link: https://zero.bs/dontpanic/checking_unix_for_compromises.pdf
|
||||||
|
|
||||||
|
## Critical log review checklist for security incidents
|
||||||
|
|
||||||
|
- Link: https://zero.bs/dontpanic/security-incident-log-review-checklist.pdf
|
||||||
|
|
||||||
|
## Windows intruder detection checklist
|
||||||
|
- Link: https://zero.bs/dontpanic/widc.pdf
|
||||||
|
|
||||||
|
## Windows intrusion discovery cheat sheet
|
||||||
|
|
||||||
|
- Link: https://zero.bs/dontpanic/winsacheatsheet.pdf
|
||||||
|
|
||||||
|
## Check Microsoft Windows signs of compromise cheat sheet
|
||||||
|
|
||||||
|
- Link: https://zero.bs/dontpanic/win_intrusion.pdf
|
||||||
|
|
||||||
|
# Guidance
|
||||||
Reference in New Issue
Block a user